_Sidebar.md
... ...
@@ -16,7 +16,6 @@
16 16
* [SSM Multicast](/howto/multicast)
17 17
* [MPLS](/howto/mpls)
18 18
* [Bird2](/howto/Bird2)
19
- * [Quagga](/howto/Quagga)
20 19
* [FRRouting](/howto/frr)
21 20
* [OpenBGPD](/howto/OpenBGPD)
22 21
* [Mikrotik RouterOS](/howto/mikrotik)
... ...
@@ -48,6 +47,7 @@
48 47
49 48
* Historical
50 49
* [Bird 1](/historical/Bird)
50
+ * [Quagga](/historical/Quagga)
51 51
52 52
* External Tools
53 53
* [Paste Board](https://paste.dn42.us)
historical/Quagga.md
... ...
@@ -0,0 +1,151 @@
1
+# Quagga
2
+
3
+Quagga is probably one of the oldest software router around. It still works, of course, even though it has an unattractive configuration syntax (unfortunately inspired by [Cisco's IOS](/howto/IPsecWithPublicKeys/CiscoIOSExample)) and has some small issues with IPv6. But since it's so old, you will find a lot of configuration examples around.
4
+
5
+## Source address selection
6
+
7
+Use this in your `zebra.conf`:
8
+
9
+```conf
10
+route-map RM_SET_SRC permit 10
11
+ set src 172.22.XX.XX
12
+ip protocol bgp route-map RM_SET_SRC
13
+```
14
+
15
+Unfortunately, this is not possible with IPv6...
16
+
17
+## Important bgp commands
18
+To connect to bgpd use:
19
+
20
+```sh
21
+$ vtysh
22
+```
23
+
24
+Which provides an interactive interface.
25
+In this interface '?' can be used to list the available commands or subcommands.
26
+
27
+## Configure Quagga
28
+a minimal config would look like this:
29
+
30
+```sh
31
+vtysh> configure terminal
32
+vtysh(config)> router bgp <your-asn>
33
+vtysh(config-router)> neighbor <neighbor-ip> remote-as <neighbor-asn>
34
+vtysh(config-router)> neighbor <neighbor-ip> interface <interface>
35
+vtysh(config-router)> exit
36
+vtysh(config)> exit
37
+```
38
+
39
+### IPv6
40
+for IPv6 do something like
41
+
42
+```sh
43
+vtysh> configure terminal
44
+vtysh(config)> router bgp <your-asn>
45
+vtysh(config-router)> neighbor <neighbor-ip> remote-as <neighbor-asn>
46
+vtysh(config-router)> neighbor <neighbor-ip> interface <interface>
47
+vtysh(config-router)> no neighbor <neighbor-ip> activate
48
+vtysh(config-router)> address-family ipv6
49
+vtysh(config-router-af)> neighbor <neighbor-ip> activate
50
+vtysh(config-router-af)> exit
51
+vtysh(config-router)> exit
52
+vtysh(config)> exit
53
+```
54
+
55
+### peer groups, prefix lists and such
56
+If you want to use 'prefix-list' to filter some of the prefixes quagga is receiving, you can use a 'peer-group' instead of apply the prefix list to every neighbor.
57
+
58
+Define a peer group:
59
+
60
+```sh
61
+vtysh(config-router)> neighbor <peer-group-name> peer-group
62
+```
63
+
64
+Apply to a neighbor:
65
+
66
+```sh
67
+vtysh(config-router)> neighbor <neighbor-ip> peer-group <name>
68
+```
69
+
70
+Apply a prefix list for incoming prefixes to your peer group:
71
+
72
+```sh
73
+vtysh(config-router)> neighbor <peer-group-name> prefix-list <prefix-list-name> in
74
+```
75
+
76
+#### Example filter list
77
+
78
+```sh
79
+ip prefix-list vpn-in description BGP IPv4 import filter
80
+!old network:
81
+ip prefix-list vpn-in seq 5 permit 172.22.0.0/15 ge 22 le 28
82
+!new dn42 allocation:
83
+ip prefix-list vpn-in seq 10 permit 172.20.0.0/16 ge 22 le 28
84
+
85
+! Anycast /32s for Whois and DNS:
86
+ip prefix-list vpn-in seq 11 permit 172.22.0.43/32
87
+ip prefix-list vpn-in seq 12 permit 172.22.0.53/32
88
+
89
+ip prefix-list vpn-in seq 18 permit 192.175.48.0/24
90
+ip prefix-list vpn-in seq 20 deny 10.10.10.0/24
91
+ip prefix-list vpn-in seq 21 permit 10.0.0.0/8
92
+ip prefix-list vpn-in seq 30 permit 172.31.0.0/16
93
+ip prefix-list vpn-in seq 39 permit 100.64.0.0/10
94
+ip prefix-list vpn-in seq 40 permit 195.160.168.0/23
95
+ip prefix-list vpn-in seq 41 permit 91.204.4.0/22
96
+ip prefix-list vpn-in seq 43 permit 193.43.220.0/23
97
+ip prefix-list vpn-in seq 46 permit 83.133.178.0/23
98
+ip prefix-list vpn-in seq 47 permit 87.106.29.254/32
99
+ip prefix-list vpn-in seq 50 permit 85.25.246.16/28
100
+ip prefix-list vpn-in seq 51 permit 46.4.248.192/27
101
+ip prefix-list vpn-in seq 60 permit 94.45.224.0/19
102
+ip prefix-list vpn-in seq 70 permit 195.191.196.0/23
103
+ip prefix-list vpn-in seq 80 permit 80.244.241.224/27
104
+ip prefix-list vpn-in seq 90 permit 46.19.90.48/28
105
+ip prefix-list vpn-in seq 91 permit 46.19.90.96/28
106
+ip prefix-list vpn-in seq 110 permit 188.40.34.241/32
107
+ip prefix-list vpn-in seq 130 permit 37.1.89.192/26
108
+ip prefix-list vpn-in seq 140 permit 178.33.32.123/32
109
+ip prefix-list vpn-in seq 150 permit 87.98.246.19/32
110
+ip prefix-list vpn-in seq 1000 deny 0.0.0.0/0
111
+
112
+ipv6 prefix-list vpn-in seq 10 permit fd00::/8 ge 9
113
+ipv6 prefix-list vpn-in seq 15 deny any
114
+```
115
+
116
+#### Example filter list script
117
+```sh
118
+#!/bin/bash
119
+
120
+vtysh -c 'conf t' -c "no ip prefix-list dn42"; #drop old prefix list
121
+
122
+while read pl
123
+do
124
+ vtysh -c 'conf t' -c "$pl"; #insert prefix list row by row
125
+done < <(curl -s https://ca.dn42.us/reg/filter.txt | grep -e ^[0-9] | awk '{ print "ip prefix-list dn42 seq " $1 " " $2 " " $3 " ge " $4 " le " $5}' | sed "s_/\([0-9]\+\) ge \1_/\1_g;s_/\([0-9]\+\) le \1_/\1_g");
126
+vtysh -c "wr" #write new prefix list
127
+
128
+```
129
+
130
+## show bpg session status
131
+
132
+in this example:
133
+* an active bgp session exists with peer 64713.
134
+* no (vpn) connection at all exists with peer 64692
135
+* a (vpn) connection with 4242421375 exists, but no bgp session
136
+
137
+```
138
+vtysh> show ip bgp summary
139
+BGP router identifier 172.22.100.254, local AS number 64698
140
+RIB entries 938, using 103 KiB of memory
141
+Peers 11, using 49 KiB of memory
142
+Peer groups 1, using 32 bytes of memory
143
+
144
+Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
145
+172.22.92.247 4 64692 0 0 0 0 0 never Connect
146
+...
147
+172.22.113.2 4 64713 2206 865 0 0 0 01:23:11 322
148
+....
149
+172.23.64.1 4 4242421375 0 0 0 0 0 never Active
150
+fe80::deca:fbad 4 64699 902 694 0 0 0 01:23:57 486
151
+```
howto/Getting-Started.md
... ...
@@ -332,7 +332,7 @@ You can find [configuration examples for Bird here](/howto/Bird2).
332 332
* [IPsec with public key authentication](/howto/IPsec-with-PublicKeys)
333 333
* BGP:
334 334
* [Bird](/howto/Bird2)
335
- * [Quagga](/howto/Quagga)
335
+ * [Quagga](/historical/Quagga)
336 336
* Router specific:
337 337
* [dn42 on OpenWRT](/howto/OpenWRT)
338 338
* [EdgeOS Configuration](/howto/EdgeOS-Config-Example)
howto/Quagga.md
... ...
@@ -1,151 +0,0 @@
1
-# Quagga
2
-
3
-Quagga is probably one of the oldest software router around. It still works, of course, even though it has an unattractive configuration syntax (unfortunately inspired by [Cisco's IOS](/howto/IPsecWithPublicKeys/CiscoIOSExample)) and has some small issues with IPv6. But since it's so old, you will find a lot of configuration examples around.
4
-
5
-## Source address selection
6
-
7
-Use this in your `zebra.conf`:
8
-
9
-```conf
10
-route-map RM_SET_SRC permit 10
11
- set src 172.22.XX.XX
12
-ip protocol bgp route-map RM_SET_SRC
13
-```
14
-
15
-Unfortunately, this is not possible with IPv6...
16
-
17
-## Important bgp commands
18
-To connect to bgpd use:
19
-
20
-```sh
21
-$ vtysh
22
-```
23
-
24
-Which provides an interactive interface.
25
-In this interface '?' can be used to list the available commands or subcommands.
26
-
27
-## Configure Quagga
28
-a minimal config would look like this:
29
-
30
-```sh
31
-vtysh> configure terminal
32
-vtysh(config)> router bgp <your-asn>
33
-vtysh(config-router)> neighbor <neighbor-ip> remote-as <neighbor-asn>
34
-vtysh(config-router)> neighbor <neighbor-ip> interface <interface>
35
-vtysh(config-router)> exit
36
-vtysh(config)> exit
37
-```
38
-
39
-### IPv6
40
-for IPv6 do something like
41
-
42
-```sh
43
-vtysh> configure terminal
44
-vtysh(config)> router bgp <your-asn>
45
-vtysh(config-router)> neighbor <neighbor-ip> remote-as <neighbor-asn>
46
-vtysh(config-router)> neighbor <neighbor-ip> interface <interface>
47
-vtysh(config-router)> no neighbor <neighbor-ip> activate
48
-vtysh(config-router)> address-family ipv6
49
-vtysh(config-router-af)> neighbor <neighbor-ip> activate
50
-vtysh(config-router-af)> exit
51
-vtysh(config-router)> exit
52
-vtysh(config)> exit
53
-```
54
-
55
-### peer groups, prefix lists and such
56
-If you want to use 'prefix-list' to filter some of the prefixes quagga is receiving, you can use a 'peer-group' instead of apply the prefix list to every neighbor.
57
-
58
-Define a peer group:
59
-
60
-```sh
61
-vtysh(config-router)> neighbor <peer-group-name> peer-group
62
-```
63
-
64
-Apply to a neighbor:
65
-
66
-```sh
67
-vtysh(config-router)> neighbor <neighbor-ip> peer-group <name>
68
-```
69
-
70
-Apply a prefix list for incoming prefixes to your peer group:
71
-
72
-```sh
73
-vtysh(config-router)> neighbor <peer-group-name> prefix-list <prefix-list-name> in
74
-```
75
-
76
-#### Example filter list
77
-
78
-```sh
79
-ip prefix-list vpn-in description BGP IPv4 import filter
80
-!old network:
81
-ip prefix-list vpn-in seq 5 permit 172.22.0.0/15 ge 22 le 28
82
-!new dn42 allocation:
83
-ip prefix-list vpn-in seq 10 permit 172.20.0.0/16 ge 22 le 28
84
-
85
-! Anycast /32s for Whois and DNS:
86
-ip prefix-list vpn-in seq 11 permit 172.22.0.43/32
87
-ip prefix-list vpn-in seq 12 permit 172.22.0.53/32
88
-
89
-ip prefix-list vpn-in seq 18 permit 192.175.48.0/24
90
-ip prefix-list vpn-in seq 20 deny 10.10.10.0/24
91
-ip prefix-list vpn-in seq 21 permit 10.0.0.0/8
92
-ip prefix-list vpn-in seq 30 permit 172.31.0.0/16
93
-ip prefix-list vpn-in seq 39 permit 100.64.0.0/10
94
-ip prefix-list vpn-in seq 40 permit 195.160.168.0/23
95
-ip prefix-list vpn-in seq 41 permit 91.204.4.0/22
96
-ip prefix-list vpn-in seq 43 permit 193.43.220.0/23
97
-ip prefix-list vpn-in seq 46 permit 83.133.178.0/23
98
-ip prefix-list vpn-in seq 47 permit 87.106.29.254/32
99
-ip prefix-list vpn-in seq 50 permit 85.25.246.16/28
100
-ip prefix-list vpn-in seq 51 permit 46.4.248.192/27
101
-ip prefix-list vpn-in seq 60 permit 94.45.224.0/19
102
-ip prefix-list vpn-in seq 70 permit 195.191.196.0/23
103
-ip prefix-list vpn-in seq 80 permit 80.244.241.224/27
104
-ip prefix-list vpn-in seq 90 permit 46.19.90.48/28
105
-ip prefix-list vpn-in seq 91 permit 46.19.90.96/28
106
-ip prefix-list vpn-in seq 110 permit 188.40.34.241/32
107
-ip prefix-list vpn-in seq 130 permit 37.1.89.192/26
108
-ip prefix-list vpn-in seq 140 permit 178.33.32.123/32
109
-ip prefix-list vpn-in seq 150 permit 87.98.246.19/32
110
-ip prefix-list vpn-in seq 1000 deny 0.0.0.0/0
111
-
112
-ipv6 prefix-list vpn-in seq 10 permit fd00::/8 ge 9
113
-ipv6 prefix-list vpn-in seq 15 deny any
114
-```
115
-
116
-#### Example filter list script
117
-```sh
118
-#!/bin/bash
119
-
120
-vtysh -c 'conf t' -c "no ip prefix-list dn42"; #drop old prefix list
121
-
122
-while read pl
123
-do
124
- vtysh -c 'conf t' -c "$pl"; #insert prefix list row by row
125
-done < <(curl -s https://ca.dn42.us/reg/filter.txt | grep -e ^[0-9] | awk '{ print "ip prefix-list dn42 seq " $1 " " $2 " " $3 " ge " $4 " le " $5}' | sed "s_/\([0-9]\+\) ge \1_/\1_g;s_/\([0-9]\+\) le \1_/\1_g");
126
-vtysh -c "wr" #write new prefix list
127
-
128
-```
129
-
130
-## show bpg session status
131
-
132
-in this example:
133
-* an active bgp session exists with peer 64713.
134
-* no (vpn) connection at all exists with peer 64692
135
-* a (vpn) connection with 4242421375 exists, but no bgp session
136
-
137
-```
138
-vtysh> show ip bgp summary
139
-BGP router identifier 172.22.100.254, local AS number 64698
140
-RIB entries 938, using 103 KiB of memory
141
-Peers 11, using 49 KiB of memory
142
-Peer groups 1, using 32 bytes of memory
143
-
144
-Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
145
-172.22.92.247 4 64692 0 0 0 0 0 never Connect
146
-...
147
-172.22.113.2 4 64713 2206 865 0 0 0 01:23:11 322
148
-....
149
-172.23.64.1 4 4242421375 0 0 0 0 0 never Active
150
-fe80::deca:fbad 4 64699 902 694 0 0 0 01:23:57 486
151
-```